https://github.com/tradmod/security-audits

TradMod's Security Reviews Portfolio, Audits and Bug Report Findings

audits blockchainsecurity bugbounty cybersecurity securityresearch

# TradMod Audit Portfolio
I’m an independent security researcher with a focus on smart contract security, specializing in logic-heavy protocols, cross-chain systems, bridge infrastructure, staking and restaking mechanisms, governance and DAO protocols, Vaults, AMM & CLOB DEXs, etc. I’ve reported 55+ high and medium severity vulnerabilities across Solidity, Golang, and Rust-variant Cairo audits, and uncovered bugs in live protocols via Immunefi. My experience spans both solo and team audits, underpinned by a strong foundation in smart contract development. Prior to focusing on security, I led a development team to victory in two major hackathons, Chainlink and ETHGlobal. In a nutshell, I do Jihad against Code ⚔

> I am available for private smart contract security audits, testing, and collaborative team audits.
Feel free to reach out via [Twitter/X](https://x.com/TheTradMod), [Telegram](https://t.me/tradmodsec), or email at [TradMod@proton.me](mailto:TradMod@proton.me).

## Security Engagements
### Team & Collaborative Audits
| Project | Protocol Type | Company | Language | Report |
|:-|:-|:-|:-|:-:|
| RemusDex | DEX & CLOB | [Codespect](https://codespect.net/) | Cairo | [Link](https://github.com/CODESPECT-security/audit-reports/blob/main/004_CODESPECT_REMUSDEX_AUDIT.pdf) |
| Toucan Aragon/LightLink | Cross-Chain Governance & LayerZero OFTs | [BlockApex](https://blockapex.io/) | Solidity | [Link](https://reports.blockapex.io/report?id=PEN-DOC-202506020916) |
| TokenTable | Tokens Vesting & Distribution | [Codespect](https://codespect.net/) | Solidity | [Link](https://github.com/CODESPECT-security/audit-reports/blob/main/013_CODESPECT_TOKENTABLE_UNLOCKERV2_EVM.pdf) |
| Mystic Finance | Liquid Staking & RWAfi | [KannAudits](https://kannaudits.com/) | Solidity | [Link](https://github.com/Kann-Audits/Kann-Audits/blob/main/reports/pdf-format/Mystic%20Finance.pdf) |
| Verde MetaPool | Stablecoin, CDP Vault & Staking | [BlockApex](https://blockapex.io/) | Solidity | Private |

### Solo Audits & Engagements
| Project | Protocol | Type | Report |
|:-|:-|:-|:-:|
| 0xEquity | RWAs Marketplace | Audit | [Link](https://github.com/TradMod/Security-Audits/blob/main/Audits/0xEquityAuditReport.md) |
| IDriss | Tokens Tipping/Payments | Audit | [Link](https://github.com/TradMod/Security-Audits/blob/main/Audits/IDrissAuditFindings.md) |
| Possum Labs | DEX Adapter | Testing | [Link](https://github.com/TradMod/Security-Audits/blob/main/Testing/PossumLabsTestingReport.md) |

## Bug Bounty Findings
| Project | Bug Description | Protocol Type | Severity | Details |
|:-|:-|:-|:-|:-:|
| WardenSwap | Dangerous Payable Function | AMM DEX | LOW | [Bug Report](https://github.com/TradMod/Security-Audits/blob/main/Bug%20Bounty/WardenSwapBugReport.md) |
| Hourglass | Attacker can Overwrite User Order Data | CLOB DEX | CRITICAL | [Bug Report](https://github.com/TradMod/Security-Audits/blob/main/Bug%20Bounty/HourglassBugReport.md) |

## Notable Audit Contests Achievements
| Project | Protocol Type | Platform | Language | Result | Links |
|:-|:-|:-|:-|:-|:-:|
| Thorchain | Cross-chain | Code4rena | Solidity & Golang | Top-7 with a High and 2 Meds | [Bug](https://github.com/code-423n4/2024-06-thorchain-findings/issues/17) |
| Catalyst | Cross-chain | Hats Finance | Solidity | Top-5 with a Unique Finding | [Bug](https://github.com/hats-finance/Catalyst-Exchange-0x3026c1ea29bf1280f99b41934b2cb65d053c9db4/issues/11) |
| Unitas | Stablecoins | Sherlock | Solidity | Top-7 with a High Impact Finding | [Bug](https://github.com/sherlock-audit/2023-04-unitasprotocol-judging/issues/105) |
| Party | Governance | Code4rena | Solidity | Critical Impact Finding | [Bug](https://github.com/code-423n4/2023-10-party-findings/issues/370) |
| Chakra | Cross-chain | Code4rena | Cairo & Solidity | 3 High impact Findings and a Medium | [Bug](https://github.com/code-423n4/2024-08-chakra-findings/issues/84) |

## Security Research
- [Awesome-Audits-Checklists](https://github.com/TradMod/awesome-audits-checklists)
- [AcrossV3 Secure Integration Guide](https://x.com/TheTradMod/status/1929886889940595143?t=29Ml30pWfJiemwt-Tf_r1w&s=19) [&](https://github.com/windhustler/Interoperability-Protocol-Security-Checklist/blob/main/audit-checklists/Across.md) [Research](https://gist.github.com/TradMod/e3947b23969b8eff56c6d3c92dbbd63a)
- [Saving a User from a Nasty MEV Bot Scam](https://x.com/TheTradMod/status/1925686910594249177)
- [Findings and Report Critical bug for free: Open-Source Contribution](https://x.com/TheTradMod/status/1743257299530203314)